CISA pilot has sent 2,000 alerts to organizations at risk of ransomware

CISA director Jen Easterly said the agency’s automated vulnerability warning program will be ready for full deployment by the end of the year

In January 2023 the Cybersecurity and Infrastructure Security Agency started a pilot that warns organizations about potential ransomware attacks. To date, the program has sent out more than 2,000 alerts to organizations at risk.

To receive these alerts, organizations need to sign up for CISA’s free cyber hygiene scanning tool. Roughly three days after an organization signs up for the program, CISA’s vulnerability scanning tools will start examining its external network presence, continuously scanning its IP addresses for accessible services and vulnerabilities. Based on the vulnerability scans, the organization will receive weekly vulnerability reports and ad-hoc alerts.

Another aspect is the evaluation of publicly accessible web applications, which looks at the most critical web application security risks. This service provides detailed monthly reports, as well as on-demand reports to check whether your web applications remain secure.

So far, about 7,000 organizations, including federal, state, local, tribal and territorial governments, as well as public and private sector critical infrastructure organizations, have signed up for the program. But organizations that haven’t signed up may also receive alerts about vulnerabilities identified on their internet-facing devices.

CISA director Jen Easterly said that the agency’s automated vulnerability warning program will be ready for full deployment by the end of the year. Interested organizations can send an email to vulnerability@cisa.dhs.gov with the subject line “Requesting Cyber Hygiene Services” to get started.

Although the service is free and has proven useful, organizations should realize that there are more effective measures to take against ransomware, and that ransomware is not the only threat out there. The Ransomware Vulnerability Warning Pilot is a good initiative, but it should never be your only defense.